Method and Device for Detecting Attempts at Intruding on a Communication Link Between an Aircraft and a Ground Station

1. A method for detecting attempts at intruding on a communication link between an aircraft and a ground station, the communication link having a plurality of security configurations, each configuration having a respective level of security, the method comprising the following steps: a) when a message is received by a receiving section associated with the communication link, analyzing the message to determine a security level corresponding to the message; b) comparing the security level corresponding to the received message with a security level associated with the communication link; b1) checking a communication state associated with the communication link to determine whether the level of security of the communication link is established in a stable manner; and c) if the security levels compared in step b) are different, and if the communication state determined in step b1) is not stable, effecting an action relating to rejection of the received message and signaling of an intrusion attempt.

2. The method according to claim 1 , wherein said action relating to rejection of the received message and to signaling of an intrusion attempt is chosen from the following group: A1) the received message is rejected and the intrusion attempt is signaled; A2) the received message is rejected; or A3) the received message is accepted.

3. The method according to one of claims 1 or 2 , wherein, when the received message is rejected in step c), a message informing the emitter of the received message that the received message has been rejected is sent on the communication link.

4. The method according to claim 2 , wherein, in step c), a value of a communication state associated with the link is additionally verified and the effecting the action relating to rejection of the received message and to signaling of the intrusion attempt is effected as a function of the value of the communication state.

5. The method according to claim 1 , wherein, in step b), the security level associated with the communication link corresponds to a security level preselected in a communication management section.

6. The method according to claim 5 , further comprising, if the security levels compared in step b) are different, sending, on the communication link, a message asking the emitter of the received message to change the security level of the message in order to raise the security level to a same security level as the security level preselected in the communication management section.

7. The method according to claim 1 , wherein the security level of the message is a function of a type of the message.

8. The method according to claim 2 , further comprising: incrementing a counter when action A1) is undertaken in step c).

9. The method according to claim 2 , further comprising: incrementing a counter when action A2) is undertaken in step c), and resetting the counter to zero with a predetermined periodicity, an intrusion attempt being signaled when a value of the counter exceeds a predetermined threshold value.

10. The method according to claim 2 , wherein the communication link is capable of being configured according to: a first level corresponding to an absence of security of the communication link with respect to risks of attack by a pirate; a second security level corresponding to authentication of the emitter of a message; and a third security level corresponding to authentication of the emitter of a message, as well as encryption of messages transmitted on the communication link.

11. The method according to claim 10 , further comprising: undertaking action A3) when the security level of the received message corresponds to the second level and the security level associated with the communication link corresponds to the third level.

12. The method according to claim 4 , further comprising: undertaking action A1) or action A2) depending on whether the value of the communication state corresponds respectively to a stable security level or to a security level in a course of change.

13. A device for monitoring communication on a communication link between an aircraft and a ground station, the communication link having a plurality of security configurations each having a respective level of security, the device comprising: a transceiver that transmits and receives messages on the communication link; a communication management section connected to the transceiver; a communication monitoring section including an analyzing section that analyzes a message received by the transceiver to determine a security level corresponding to the message; a comparing section that compares the security level corresponding to the received message with a security level associated with the communication link and furnishes a comparison result; a state checking section that checks a communication state associated with the communication link to determine whether the level of security of the communication link is established in a stable manner; and a determining section that determines an action associated with the received message as a function of the comparison result furnished by the comparing section and the communication state determined by the state checking section.

14. The device according to claim 13 , wherein the determining section is further configured to verify a value of the communication state associated with the communication link and determine the action associated with the received message as a function of the value of the communication state.

15. The device according to claim 13 , wherein the communication management section includes the communication monitoring section.

16. The device according to claim 14 , wherein the communication management section is further configured to manage the value of the communication state associated with the communication link.

17. The device according to claim 13 , wherein the transceiver is installed on board the aircraft.

18. The device according to claim 13 , wherein the transceiver is installed in the ground station.

19. An aircraft having a communication monitoring section comprising: an analyzing section that analyzes a message received by a transceiver to determine a security level corresponding to the message; a comparing section that compares the security level corresponding to the received message with a security level associated with a communication link to a ground station and furnishes a comparison result; a state checking section that checks a communication state associated with the communication link to determine whether the security level associated with the communication link is established in a stable manner; and a determining section that determines an action associated with the received message as a function of the comparison result furnished by the comparing section and the communication state determined by the state checking section.

20. The method according to claim 1 , wherein, if the security levels compared in step b) are different and the communication state determined in step b1) indicates the security level associated with the communication link is in the course of change, the signaling of the intrusion attempt is not effected.

21. The device according to claim 13 , wherein, if the security levels compared by the comparing section are different and the communication state determined by the state checking section indicates the security level associated with the communication link is in the course of change, signaling of an intrusion attempt is not effected.